Plan Risk Responses

00:01 Hello and welcome.

00:02 This module will look at the plan risk responses process in the PMBOK guide. It's got a very high exam importance because the exam stresses and places a great deal of importance on appropriate proactive and reactive risk response planning as a key component in successful risk management and successful project management.

00:27 The difficulty is low, though, because you probably do some of these things already.

00:31 If you do risk management on your project and there are some new concepts to introduce you to, particularly around strategies for positive risk or uncertainty, and as such, the memorization is rated as medium, but do pay particular attention to these particular strategies because there's almost certainly going to be questions in the exam on these.

00:57 So the plan risk response process is one of six processes in total and the risk management knowledge area.

01:07 There are five planning process and this one comes at the end, but it's not the last because it's an iterative process.

01:15 So even though those processes are presented as a list and give you the impression that you do one, identify risks and then you do perform qualitative risk analysis and then quantitative risk analysis and then plan risk responses.

01:29 That's not actually how it works in real life.

01:33 It's an iterative reoccurring process where they all happen concurrently.

01:38 The particular domain task? And remember, it's the domain tasks that make up the contents of the exam that this process focuses on is Planning Task 10, which says develop the risk management plan by identifying, analyzing and prioritizing project risks and defining risk response strategies in order to manage uncertainty and opportunity throughout the project lifecycle.

02:06 And obviously what we're focusing on and that sentence is defining risk response strategies. The key themes of this process are, well, we've gone ahead and we've identified our risks.

02:21 With prioritize them and maybe even assigned a quantity, a quantitative value to them. So what are we doing next logically? Well, we proactively plan our responses to each one.

02:33 Now we can actually have multiple responses too.

02:37 We can have some proactive responses and reactive responses for each of our risk events. It's not a one to one relationship, as in one event, one response, it's not uncommon to have multiple planned responses for each risk event. But remember, and here's a key tip.

02:55 If a question in the exam says that you've just completed risk response planning and identified particular risk response work to be done, what is the next step? Well, the next step is always to ensure that your project scope and scope baseline are updated. Because you've just described extra work to be done on the project. And don't forget, once it's been added to the scope baseline, you need to estimate cost and time and check that that work's being done.

03:26 So do keep that in mind.

03:28 Risk response work is extra work to be done on the project and needs to become part of your project scope.

03:37 The possible inputs that we will want for this process include our risk management plan, obviously, because that's going to guide our risk response planning work and of course, our risk register without our risk register.

03:52 We simply couldn't do risk response planning.

03:55 It's got the information in it about our identified risks.

03:59 Any qualitative analysis we've done, any quantitative analysis we've done.

04:05 And we're going to use all of this information to plan appropriate risk responses. The particular tools and techniques that we may choose to use, if appropriate, include strategies for negative risks or threats and strategies for positive risks or opportunities. Remember, risk simply means uncertainty and there can be negative or positive risks or uncertainty on your project. We're all very used to the negative risks, the chance of coming in over budget or coming in over time.

04:43 But what about the chance of coming in under budget or finding a new technology or exceeding client expectations? These are all positive risks, and you should be prepared to see if he can make those things happen and if they do happen, make their impact bigger.

05:00 Now this concept of positive risks is often new to a lot of people who think that risk management is purely around negative risks for the exam.

05:10 You'll need to be aware of negative and positive risks and a little tip.

05:14 When I do a risk register, I like to make about one third of the risks on it.

05:19 Positive risks.

05:22 Once we've got our actual risk strategies for either negative or positive, we may also want to put in place some contingent response strategies, and we'll have a look at those shortly.

05:32 These are strategies for things we can't properly plan for.

05:38 We'll also want to use expert judgment.

05:41 Remember, you're an expert.

05:43 Your project team members, particularly those who've done the sort of project before and dealt with these sort of risks before, are also experts.

05:52 And you may also wish to reach out to risk management professionals with particular expertise in this area to get appropriate responses. So let's take a closer look at strategies for negative risk and strategies for positive risk. The first of our strategies for negative risk is to avoid the risk.

06:17 And by avoiding the risk, we choose to not engage in the activity that could lead to the risk. Remember, and communications avoidance is bad, but not on risk management.

06:28 So an example is you could avoid the risk of traffic on the motorway by taking a back road.

06:35 Perhaps you've identified the risk of an earthquake hitting your multi-story building during construction.

06:41 How could you avoid it build in another city that's not prone to earthquakes? So avoidance as a strategy for negative risk means avoiding the risk entirely. Another strategy is transfer, so for negative risks, we can choose to make the risk someone else's problem.

07:01 So if the risk does occur, it's not our problem, it's theirs and they need to deal with it. And the most common way of transferring risk is with insurance. In fact, the whole insurance industry is built up on accepting somebody else's risk.

07:18 Another strategy for negative risks is to mitigate.

07:22 And with mitigation, we're going to try and lease listen either the impact or the likelihood of the risk.

07:28 We know it's going to have an impact and we know it's got a probability or likelihood, but we're going to try and reduce it.

07:34 If it does happen, not get rid of it completely.

07:37 That's avoidance.

07:39 So, for example, we may choose to build a house to certain specifications to lessen the impact of a hurricane or perhaps an earthquake.

07:48 So we know the risk is going to happen.

07:50 We're trying to mitigate the effect or the likelihood.

07:55 Here are some strategies for positive risks.

07:58 The first one is exploit, and this is an attempt to remove the uncertainty and make sure the event will happen or increase the chances of it happening. So, for example, if there is a risk, a positive risk that the project will be more profitable than anticipated.

08:16 Make sure the contributing factors are identified and continued.

08:20 What else can you do to increase that profit? Put in place those strategies now exploit that opportunity.

08:29 Another strategy for positive risks includes sharing.

08:34 Now this is particularly important when looking for work because you may improve the chance of the risk occurring by working with another party with particular expertise or with another set of contractors.

08:47 So, for example, you may increase the chances of winning a particular job. By sharing the responsibility with a complimentary vendor in response to a request for proposal sharing.

09:05 Another strategy is enhance.

09:09 You want to increase either the likelihood or the impact of the positive risk occurring. A simple example is to increase the risk of winning a lottery by buying more tickets, but perhaps a more relevant example would be increase the chances of doing great customer work, bringing it in under budget or ahead of time by perhaps assigning your senior staff, rather than your junior staff, to a particular set of project work.

09:37 So enhance.

09:38 So I've given you three strategies for negative risk and three strategies for positive risk. Remember, the three strategies for negative risks are avoid, mitigate or transfer for positive it's share, enhance and exploit.

09:54 But there's a strategy that they both have in common and that's accept.

10:00 For both positive and negative risks, you could simply choose to accept it. It is going to happen, and if it does happen, you'll deal with it. So if the cost or impact of the response is greater than the cost or impact of the risk? It may be that your best strategy is simply to accept that and deal with it if it happens. So for the exam, you'll need to remember all of those strategies.

10:28 So in total, there are, in fact, four for each.

10:32 So remember for negative.

10:34 It's a void transfer, mitigate or accept for positive risks, exploit, share, enhance or accept. Now, despite all your best efforts at risk response planning, and no matter how good you are, you always have to anticipate that you might not have planned for everything and so you need some contingent response strategies.

11:01 The first one is a contingency or fallback plan, and this is your plan to deal with unforeseen risks triggered by preset conditions, so the conditions could be a consistent rise in the price of oil.

11:16 Now you don't know what it's going to cause, but they are the trigger conditions and it tells you to pre-purchase or reduce your fuel expenditure some way.

11:25 So having a contingency plan or fallback plan is very useful.

11:29 I recall one project I worked on many years ago where our contingency plan was a phone tree, which told us if something happens that we haven't foreseen.

11:39 These are the people to ring to figure out what to do.

11:42 It was a great contingency plan to have in place.

11:45 The other contingent response strategy that you need to know for the exam is the workaround, and this is a temporary solution to get you through the risk.

11:55 Now, you probably haven't anticipated this risk or couldn't have reasonably foreseen it.

12:01 But it gets you around. And one of the best examples that I like is, in fact, the movie Apollo 13.

12:07 And if you've seen the movie starring Tom Hanks and he utters those famous words, Houston, we have a problem when he looks outside and sees the canister venting gas into space. Well, if you watch that movie, what happens next is a workaround.

12:21 The technicians and engineers at NASA go through their planned risk responses and discover they have no planned risk response for the strategy.

12:30 So instead, what they do is create a workaround.

12:33 They go into a room, they get the right people in the room and they create a temporary solution.

12:38 In this case, some filters to get the astronauts back to Earth.

12:43 So a workaround is a temporary solution to get you through the risk.

12:48 Now, don't rely on workarounds to get you through the entire project.

12:52 Well, I guess unless, of course, you've got a very high risk tolerance in your organizational culture.

12:58 The workaround is generally a part of an area of last resort for your risk management, but for the purposes of the exam, you need to know what a workaround is.

13:10 The particular outputs from the plan risk responses process include project management plan updates.

13:18 Updates to your risk management plan.

13:20 Your Scope Management Plan.

13:22 Your Time Management plan because your planned risk responses may incur extra cost and time as a result of the extra work to be done. So keep that in mind.

13:34 I began this module by telling you that if you do develop risk responses, they represent extra work to be done on the project.

13:43 That extra work needs to be captured in your scope baseline, and once it's in your scope baseline, it's part of your WBS or work breakdown structure. And therefore you can allocate time, cost and people to doing the work and check that it's being done.

14:01 So those are the elements of your project management plan that you may update.

14:06 And of course, you will do some project document updates as well, particularly success of iterative updates to your risk register where you put in place your planned risk responses.

14:19 You may also choose to update lessons learned and remember with lessons learned, you are collecting those throughout the entire project for collation and documentation at the end of the project.

14:33 So in summary, the plan risk responses process proactively plans and appropriate response or responses.

14:41 Remember, we can have multiple responses to a single risk event.

14:47 And puts them into the risk register, and they become work to be done on the project.

14:55 Thank you very much.

14:56 This has been an introduction and an overview to the plan risk responses process of the PMBOK guide.